1eu introduction

299 views

Published on

Published in: Technology, Art & Photos
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
299
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
2
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • \n
  • 1eu introduction

    1. 1. 1EU Introduction james.wang@quest.com Sep 05, 2011
    2. 2. What does 1EU stand for ?• 1EU = Integrated R&D Organization and Architecture for Quest End User
    3. 3. Agenda• Team Introduction• Definitions• Logical Components• Concepts
    4. 4. 1EU Team• Product Architect - Rob Dickinson• 3 labs• San Diego• Boulder• Zhuhai
    5. 5. 1EU is...• The codename for ongoing efforts to boost eCritical, Xaffire, Foglight silos• A next-generation EU product using Foglight and Toad ecosystems as its foundation• An optimization problem : How to deliver powerful EU capabilities with greatest simplicity and ease-of-use ?• New all-in-one appliance platform (Dell R510)• Simultaneous release of sniffer & archiver VMs• Shifting revenue focus to VMs over several years• Setting the stage for continued growth & coping with expected market
    6. 6. 1EU is NOT...• Foglight + FxM + FxV as they exist today• Every EU feature ever developed• “Re-invention” of core IP (sniffer, archiver)• A multi-year pure research project (like AJAX)• A product name or customer-facing term• A drop-in replacement for existing FxM and FxV accounts
    7. 7. Hmm, but I’m still confused...
    8. 8. Hmm, but I’m still confused...• Don’t worry, let’s move on
    9. 9. James’ Definition
    10. 10. James’ Definition• 1EU is a system that allows you capture specified network traffics (via sniffer), send all the streams to archivers (via relayer) then store them, thus user can search / replay all the streams on Foglight UI.
    11. 11. James’ Definition• 1EU is a system that allows you capture specified network traffics (via sniffer), send all the streams to archivers (via relayer) then store them, thus user can search / replay all the streams on Foglight UI.• Above definition only represents personal opinion ( )
    12. 12. Let’s code
    13. 13. Let’s code# Initializationdef cartridge = Cartridge.new.configure_sniffers .configure_archivers .configure_capture_groups .configure_analyzers .configure_private_keysdef capture_group = CaptureGroup.new(cartridge.configurations.capture_groups[0])def sniffer = Sniffer.new(cartridge.configurations.sniffers[0]).belongs_to(capture_group)def relayer = Relayer.new(cartridge.configurations.relayers[0]).belongs_to(capture_group)def archivers = cartridge.configurations.archivers.collect { |ac| Archiver.new(ac).belongs_to(capture_group)}def archiver_database = ArchiverDatabase.new(cartridge.configurations.archiver_database)
    14. 14. Sniffer Thread
    15. 15. Sniffer ThreadThread.new do def raw_packets = sniffer.collect.by(network_tap) def private_key = cartridge.configurations.private_key def streams = sniffer.reassemle(raw_packets) .ssl_decryption_while_necessary .with(private_key) sniffer.send(streams).to(replayer)end
    16. 16. Relayer Thread
    17. 17. Relayer ThreadThread.new do def streams = relayer.accept def archiver = relayer.select(archivers).by_user_session relayer.send(streams).to(archiver)end
    18. 18. Archiver Thread
    19. 19. Archiver ThreadThread.new do def streams = archiver.accept archiver.store(streams).in(archiver_database)end
    20. 20. Archiver Database Thread
    21. 21. Archiver Database ThreadThread.new do def streams = archiver_database.accept def sharding_policy = ShardingPolicy.new(archiver, max_hits, max_hours) def shard = archiver_database.selec(sharding_policy) def aspects = StreamOrganizer.organize(streams) archiver_database.store(aspects).in(shard)end
    22. 22. Stream Types
    23. 23. Stream Types# Stream Typesputs Stream.subclasses.join(, )# GotMetric, Hit, Page, Sequence, Session, WatchPoint
    24. 24. Appliance
    25. 25. ApplianceThe generic term for an operating system image (and//or underlying hardware) provided by Questthat runs 1EU components.# Runappliance_types.each do |appliance| puts appliance.type appliance.components.each do |component| puts component endend# ResultsNative Appliance All-in-One appliance Archiver appliance Sniffer applianceVirtual Appliance Foglight VM Archiver VM Sniffer VM
    26. 26. CartridgeConfiguration
    27. 27. Cartridge Configurationcartridge.with_configuration_servlet do
    28. 28. Cartridge Configurationcartridge.with_configuration_servlet do configure_capture_groups
    29. 29. Cartridge Configurationcartridge.with_configuration_servlet do configure_capture_groups configure_appliance_mon
    30. 30. Cartridge Configurationcartridge.with_configuration_servlet do configure_capture_groups configure_appliance_mon configure_sniffers.through(sniffer_mon).with_ssl_keys
    31. 31. Cartridge Configurationcartridge.with_configuration_servlet do configure_capture_groups configure_appliance_mon configure_sniffers.through(sniffer_mon).with_ssl_keys configure_archivers
    32. 32. Cartridge Configurationcartridge.with_configuration_servlet do configure_capture_groups configure_appliance_mon configure_sniffers.through(sniffer_mon).with_ssl_keys configure_archivers configure_namespaces
    33. 33. Cartridge Configurationcartridge.with_configuration_servlet do configure_capture_groups configure_appliance_mon configure_sniffers.through(sniffer_mon).with_ssl_keys configure_archivers configure_namespaces configure_monitored_ip_addresses
    34. 34. Cartridge Configurationcartridge.with_configuration_servlet do configure_capture_groups configure_appliance_mon configure_sniffers.through(sniffer_mon).with_ssl_keys configure_archivers configure_namespaces configure_monitored_ip_addresses configure_monitored_ports
    35. 35. Cartridge Configurationcartridge.with_configuration_servlet do configure_capture_groups configure_appliance_mon configure_sniffers.through(sniffer_mon).with_ssl_keys configure_archivers configure_namespaces configure_monitored_ip_addresses configure_monitored_ports configure_monitored_subnets
    36. 36. Cartridge Configurationcartridge.with_configuration_servlet do configure_capture_groups configure_appliance_mon configure_sniffers.through(sniffer_mon).with_ssl_keys configure_archivers configure_namespaces configure_monitored_ip_addresses configure_monitored_ports configure_monitored_subnets configure_subnet_filters
    37. 37. Cartridge Configurationcartridge.with_configuration_servlet do configure_capture_groups configure_appliance_mon configure_sniffers.through(sniffer_mon).with_ssl_keys configure_archivers configure_namespaces configure_monitored_ip_addresses configure_monitored_ports configure_monitored_subnets configure_subnet_filters configure_analyzers do
    38. 38. Cartridge Configurationcartridge.with_configuration_servlet do configure_capture_groups configure_appliance_mon configure_sniffers.through(sniffer_mon).with_ssl_keys configure_archivers configure_namespaces configure_monitored_ip_addresses configure_monitored_ports configure_monitored_subnets configure_subnet_filters configure_analyzers do configure_hit_analyzers
    39. 39. Cartridge Configurationcartridge.with_configuration_servlet do configure_capture_groups configure_appliance_mon configure_sniffers.through(sniffer_mon).with_ssl_keys configure_archivers configure_namespaces configure_monitored_ip_addresses configure_monitored_ports configure_monitored_subnets configure_subnet_filters configure_analyzers do configure_hit_analyzers configure_page_analyzers
    40. 40. Cartridge Configurationcartridge.with_configuration_servlet do configure_capture_groups configure_appliance_mon configure_sniffers.through(sniffer_mon).with_ssl_keys configure_archivers configure_namespaces configure_monitored_ip_addresses configure_monitored_ports configure_monitored_subnets configure_subnet_filters configure_analyzers do configure_hit_analyzers configure_page_analyzers configure_sequence_analyzers
    41. 41. Cartridge Configurationcartridge.with_configuration_servlet do configure_capture_groups configure_appliance_mon configure_sniffers.through(sniffer_mon).with_ssl_keys configure_archivers configure_namespaces configure_monitored_ip_addresses configure_monitored_ports configure_monitored_subnets configure_subnet_filters configure_analyzers do configure_hit_analyzers configure_page_analyzers configure_sequence_analyzers configure_session_analyzers
    42. 42. Cartridge Configurationcartridge.with_configuration_servlet do configure_capture_groups configure_appliance_mon configure_sniffers.through(sniffer_mon).with_ssl_keys configure_archivers configure_namespaces configure_monitored_ip_addresses configure_monitored_ports configure_monitored_subnets configure_subnet_filters configure_analyzers do configure_hit_analyzers configure_page_analyzers configure_sequence_analyzers configure_session_analyzers end
    43. 43. Cartridge Configurationcartridge.with_configuration_servlet do configure_capture_groups configure_appliance_mon configure_sniffers.through(sniffer_mon).with_ssl_keys configure_archivers configure_namespaces configure_monitored_ip_addresses configure_monitored_ports configure_monitored_subnets configure_subnet_filters configure_analyzers do configure_hit_analyzers configure_page_analyzers configure_sequence_analyzers configure_session_analyzers endend
    44. 44. Cartridge Reporting
    45. 45. End User Definition
    46. 46. End User Definitionend_user do
    47. 47. End User Definitionend_user do is a human
    48. 48. End User Definitionend_user do is a human use a browser to connect to a web site
    49. 49. End User Definitionend_user do is a human use a browser to connect to a web site whose hits and pages are monitored by a sniffer
    50. 50. End User Definitionend_user do is a human use a browser to connect to a web site whose hits and pages are monitored by a sniffer whose sessions are captured by an archiver
    51. 51. End User Definitionend_user do is a human use a browser to connect to a web site whose hits and pages are monitored by a sniffer whose sessions are captured by an archiver has one or more sessions
    52. 52. End User Definitionend_user do is a human use a browser to connect to a web site whose hits and pages are monitored by a sniffer whose sessions are captured by an archiver has one or more sessions sessions.each { |session| session.has_a_unique_identifier }
    53. 53. End User Definitionend_user do is a human use a browser to connect to a web site whose hits and pages are monitored by a sniffer whose sessions are captured by an archiver has one or more sessions sessions.each { |session| session.has_a_unique_identifier } can be uniquely identified by session_id
    54. 54. End User Definitionend_user do is a human use a browser to connect to a web site whose hits and pages are monitored by a sniffer whose sessions are captured by an archiver has one or more sessions sessions.each { |session| session.has_a_unique_identifier } can be uniquely identified by session_idend
    55. 55. End User Definitionend_user do is a human use a browser to connect to a web site whose hits and pages are monitored by a sniffer whose sessions are captured by an archiver has one or more sessions sessions.each { |session| session.has_a_unique_identifier } can be uniquely identified by session_idend
    56. 56. Host & End Point
    57. 57. Host & End Pointhost do is a standard foglight defined host def monitored_ip_address = host.monitored_ip_addresses.any def monitored_port = host.monitored_ports.any def protocol = protocols.any def end_point = "#{protocol}://#{monitored_ip_address}:#{monitored_port}"end#End Point Exampleshttp://localhost:8080soap://localhost:6000tcp://localhost:6161
    58. 58. Cartridge Reporting
    59. 59. Cartridge Reportingend_user.connect_to_website.by(browser) do
    60. 60. Cartridge Reportingend_user.connect_to_website.by(browser) do search_hits
    61. 61. Cartridge Reportingend_user.connect_to_website.by(browser) do search_hits search_pages
    62. 62. Cartridge Reportingend_user.connect_to_website.by(browser) do search_hits search_pages search_sequences
    63. 63. Cartridge Reportingend_user.connect_to_website.by(browser) do search_hits search_pages search_sequences search_sessions
    64. 64. Cartridge Reportingend_user.connect_to_website.by(browser) do search_hits search_pages search_sequences search_sessions watch_metrics
    65. 65. Cartridge Reportingend_user.connect_to_website.by(browser) do search_hits search_pages search_sequences search_sessions watch_metricsend
    66. 66. Metrics in 1EU
    67. 67. Metrics in 1EU# Runmetric_types.each do |metric| puts "#{metric.name} - #{metric.description}"end# ResultsAPM metrics - aggregate web server metrics (Bandwidth Usage for Web server A) or aggregate web site metrics (Login Attempts for Web site B)Health metrics - a small set used to monitor the appliance hardware and software.
    68. 68. Data Flow Diagrams
    69. 69. Data Flow Diagrams
    70. 70. References
    71. 71. References• Referenced websites
    72. 72. References• Referenced websites http://innovate.prod.quest.corp/display/FGL5/1EU
    73. 73. References• Referenced websites http://innovate.prod.quest.corp/display/FGL5/1EU• Referenced materials
    74. 74. References• Referenced websites http://innovate.prod.quest.corp/display/FGL5/1EU• Referenced materials 1EU-defined.ppt
    75. 75. References• Referenced websites http://innovate.prod.quest.corp/display/FGL5/1EU• Referenced materials 1EU-defined.ppt 1EU Glossary
    76. 76. References• Referenced websites http://innovate.prod.quest.corp/display/FGL5/1EU• Referenced materials 1EU-defined.ppt 1EU Glossary 1EU Data Flow Diagrams
    77. 77. Thanks

    ×